[nrf noup] Added BOOT_SIGNATURE_USING_ITS for ecdsa configuration

This configuration has the purpose of using keys provisioned
to the internal trusted storage (ITS). It makes use of the
already existing parts of code for MCUBOOT_BUILTIN_KEY

Signed-off-by: Artur Hadasz <[email protected]>

Author: ahasztag

boot/bootutil/include/bootutil/crypto/ecdsa.h

@@ -397,17 +397,20 @@ static const uint8_t Secp384r1[] = {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22};
 
 static inline void bootutil_ecdsa_init(bootutil_ecdsa_context *ctx)
 {
-#if !defined(MCUBOOT_BUILTIN_KEY)
+#if !defined(MCUBOOT_BUILTIN_KEY) && !defined(CONFIG_BOOT_SIGNATURE_USING_ITS)
     ctx->key_id = PSA_KEY_ID_NULL;
     ctx->curve_byte_count = 0;
     ctx->required_algorithm = 0;
 
-#else /* !MCUBOOT_BUILTIN_KEY */
+#else /* !MCUBOOT_BUILTIN_KEY &&  !CONFIG_BOOT_SIGNATURE_USING_ITS */
     /* The incoming key ID is equal to the image index. The key ID value must be
      * shifted (by one in this case) because zero is reserved (PSA_KEY_ID_NULL)
      * and considered invalid.
      */
+#if defined(MCUBOOT_BUILTIN_KEY)
     ctx->key_id++; /* Make sure it is not equal to 0. */
+#endif
+
 #if defined(MCUBOOT_SIGN_EC256)
     ctx->curve_byte_count = 32;
     ctx->required_algorithm = PSA_ALG_SHA_256;
@@ -426,7 +429,7 @@ static inline void bootutil_ecdsa_drop(bootutil_ecdsa_context *ctx)
     }
 }
 
-#if !defined(MCUBOOT_BUILTIN_KEY)
+#if !defined(MCUBOOT_BUILTIN_KEY) && !defined(CONFIG_BOOT_SIGNATURE_USING_ITS)
 /*
  * Parse a ECDSA public key with format specified in RFC5280 et al.
  *
@@ -471,8 +474,9 @@ static int bootutil_ecdsa_parse_public_key(bootutil_ecdsa_context *ctx,
 
     return (int)psa_import_key(&key_attributes, *cp, key_size, &ctx->key_id);
 }
-#endif /* !MCUBOOT_BUILTIN_KEY */
+#endif /* !MCUBOOT_BUILTIN_KEY && !CONFIG_BOOT_SIGNATURE_USING_ITS */
 
+#if !defined(CONFIG_BOOT_SIGNATURE_USING_ITS)
 /* Verify the signature against the provided hash. The signature gets parsed from
  * the encoding first, then PSA Crypto has a dedicated API for ECDSA verification
  */
@@ -491,6 +495,60 @@ static inline int bootutil_ecdsa_verify(bootutil_ecdsa_context *ctx,
     return (int) psa_verify_hash(ctx->key_id, PSA_ALG_ECDSA(ctx->required_algorithm),
                                  hash, hlen, reformatted_signature, 2*ctx->curve_byte_count);
 }
+#else /* !CONFIG_BOOT_SIGNATURE_USING_ITS */
+
+struct boot_ecdsa_key_info {
+    psa_key_id_t key_id;
+    psa_algorithm_t algorithm;
+};
+
+static psa_key_id_t builtin_key_ids[] =  {
+    0x40022100,
+    0x40022101,
+    0x40022102,
+    0x40022103
+};
+
+#define BOOT_SIGNATURE_BUILTIN_KEY_SLOTS ARRAY_SIZE(builtin_key_ids)
+
+static inline int bootutil_ecdsa_verify(bootutil_ecdsa_context *ctx,
+                                        uint8_t *pk, size_t pk_len,
+                                        uint8_t *hash, size_t hlen,
+                                        uint8_t *sig, size_t slen)
+{
+    (void)pk;
+    (void)pk_len;
+    (void)slen;
+    psa_status_t status = PSA_ERROR_BAD_STATE;
+
+    /* Initialize PSA Crypto */
+    status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        BOOT_LOG_ERR("PSA crypto init failed %d", status);
+        return 1;
+    }
+
+    uint8_t reformatted_signature[96] = {0}; /* Enough for P-384 signature sizes */
+    parse_signature_from_rfc5480_encoding(sig, ctx->curve_byte_count, reformatted_signature);
+
+    status = PSA_ERROR_BAD_STATE;
+
+    for (int i = 0; i < BOOT_SIGNATURE_BUILTIN_KEY_SLOTS; ++i) {
+        psa_key_id_t kid = builtin_key_ids[i];
+
+        status = psa_verify_hash(kid, PSA_ALG_ECDSA(ctx->required_algorithm),
+                                 hash, hlen, reformatted_signature, 2*ctx->curve_byte_count);
+        if (status == PSA_SUCCESS) {
+            break;
+        }
+        BOOT_LOG_ERR("ECDSA signature verification failed %d", status);
+    }
+
+    return (int) status;
+}
+
+#endif /* !CONFIG_BOOT_SIGNATURE_USING_ITS */
+
 #elif defined(MCUBOOT_USE_MBED_TLS)
 
 typedef mbedtls_ecdsa_context bootutil_ecdsa_context;

boot/bootutil/src/image_validate.c

@@ -514,7 +514,8 @@ bootutil_img_validate(struct boot_loader_state *state,
 #endif
                      )
 {
-#if (defined(EXPECTED_KEY_TLV) && defined(MCUBOOT_HW_KEY)) || defined(MCUBOOT_HW_ROLLBACK_PROT) || defined(MCUBOOT_DECOMPRESS_IMAGES)
+#if (defined(EXPECTED_KEY_TLV) && defined(MCUBOOT_HW_KEY)) || defined(MCUBOOT_HW_ROLLBACK_PROT) || defined(MCUBOOT_DECOMPRESS_IMAGES) \
+    || defined(MCUBOOT_BUILTIN_KEY)
     int image_index = (state == NULL ? 0 : BOOT_CURR_IMG(state));
 #endif
     uint32_t off;

boot/zephyr/Kconfig

@@ -422,7 +422,14 @@ config BOOT_KMU_KEYS_REVOCATION
 	help
 	  Enabling KMU key revocation backend.
 
-if !BOOT_SIGNATURE_USING_KMU
+config BOOT_SIGNATURE_USING_ITS
+	bool "Use KMU stored keys for signature verification"
+	depends on NRF_SECURITY
+	help
+	  MCUboot will use keys provisioned to the internal trusted storage for signature
+	  verification instead of compiling in key data from a file.
+
+if !BOOT_SIGNATURE_USING_KMU && !BOOT_SIGNATURE_USING_ITS
 
 config BOOT_SIGNATURE_KEY_FILE
 	string "PEM key file"

boot/zephyr/include/mcuboot_config/mcuboot_config.h

@@ -68,6 +68,10 @@
 #define MCUBOOT_HW_KEY
 #endif
 
+#ifdef CONFIG_BOOT_SIGNATURE_USING_ITS
+#define MCUBOOT_BUILTIN_KEY
+#endif
+
 #ifdef CONFIG_BOOT_VALIDATE_SLOT0
 #define MCUBOOT_VALIDATE_PRIMARY_SLOT
 #endif